"Why of why" this stored code in <add_Your's_CMS_here;)> application "will be" used like this?

Because, attacker who wants Your files/box/etc, will attack You via any possible way.
Any :)
So, please understand it: even only one simple "not critical" hole can make You owned.

Simple way:
1. attacker will create 'new account'. (let's say, there is a bug in comments like this )
2. now attacker is logged in. so if xss is in this part of webapp, he can put his code here.
What code?

shell

malware

phishing

Simple? :)
3. Added code is making whole part of other (nexts) attacks,

"How I owned 27 MLN box'xs?" In my imagination only. :)
Reason is simple: I do not break the law.

But there is one thing You should be sure:
someone somewhere is searching for new vulnerabilities in lates products.
Webapps, closed-source soft, whatever.

Now, simple XSS for "normal user" can be used for this:
You found bug in some latest $cms?
Type this version in www.google.com. Got the idea?
So type this version (where vuln You found) @Google + "Powered.by"... ;]
Got it now? ;)

Answer You will see in millions.
"
In a short way: if Your webapp/CMS can be exploited by XSS, then there is no
problem to build botnet (site:powered.by... and write python code to store-XSS and 'search for next target' should tell You the rest).